Please note: Players take full responsibility for what actions may occur on your account. Support does not handle or process any Suspicious Activity punishments, please read our How to appeal guide for more information.
Account Sharing:
First and foremost no account sharing. The only person who should have access is yourself and no one else. Any actions which occur on your account are your responsibility. It is also your responsibility to secure your account and avoid becoming compromised.
Two-Factor Authentication
Sites and common companies offer Two-Factor Authentication (also referred to as 2FA or Multi-Factor Authentication). This method of security uses a secondary device to generate a code that you input before logging into your associated account. If your password happens to be discovered by someone else, they will be unable to log in as they cannot generate the required code.
There are various ways for Two-Factor Authentication to send a code, the common ways are via a phone application such as Google Authenticator or via a text message to your phone. We recommend you have Two-Factor Authentication on all your important accounts such as email accounts.
Passwords
All accounts online have passwords. To help you keep secure passwords we have some general password tips found below.
Where possible, use passwords that are at least 12 or more characters in length - longer passwords are better. This helps make your password harder for a person or machine to guess or brute force.
Using a variety of character types, including letters (upper and lowercase), numbers, and special characters (e.g. !, @, #, or &). Avoid changing words with numbers, such as “P4aS5W0rd!” is still not a secure password.
This makes sure that one password becomes compromised, no other passwords are, and reduces the damage done to your information.
If you struggle to remember passwords, you are able to use a password manager application, some managers come with built-in strong password generators when creating accounts online.
Where available, set up security questions so that websites will confirm that you are you when taking certain actions on them. Answering questions with custom passwords or random characters instead of using one more answer.
Creating an email address or changing a current email address by adding extra letters before or after the main part of your email address, such as "example+randomcharacters@email.com". Making the email address harder to crack for a person or machine.
When using the internet you want to keep in mind that you do not accidentally give out any personal information. To help you with this, we have come up with a list of ways to keep your information secure while browsing the internet.
Always check the URL (address bar)!
When clicking on any links on the internet, always check the link to make sure it is what you expect it to be. If it is anything else, it is likely a phishing link with the site designed in such a way as to steal your personal information, such as your login details.
For example, all of Horizon's official sites are linked below. Any site that is not one of these has no affiliation to Horizon, even if it claims otherwise, and should not be trusted.
If it’s too good to be true, it is!
A generally good principle to use everywhere. If something seems to be true online, it almost certainly is. A prime example is if you get a message from someone they found a way to get free Minecon capes; this is likely phishing as all Minecon Cape links have been retired.
If you are unsure in any situation, avoid communicating with the person or people in question if something seems suspicious.
Never give out personal details!
This is the most important part. There is no reason anyone should ask you for any personal information or account details online. This information should be kept to yourself and not be shared with anyone.
Do not click on sketchy links!
If you are unsure whether a link is safe, you should not click it. If someone is sending these links on any of our platforms report them using the appropriate methods. Such as /report if it is in-game.
Continually update passwords!
To stop unwanted visitors from gaining access to your accounts or information, changing your passwords throughout the year makes it harder for a person or machine to gain access if the information which is gathered is incorrect.
As a general tip, if you get a site asking for you to log in and you’re suspicious of it, try entering some random details such as “username” and “password”. If it lets you “login”, it’s there to steal your details. That said, don’t treat this as a reliable test either.
If you believe someone has gained access to one of your accounts, do not panic. We recommend you do the following:
Please Note: Horizon Support does not have any power to ban any Minecraft accounts upon request if you believe your account may be compromised. Please contact Microsoft Support if you believe your account is compromised.
If your account has been issued with a 'Suspicious Activity' punishment, please read our How to Appeal a Ban or Mute guide for more information about the punishment.